Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

Report.ps1

windows7-x64

10

Report.ps1

windows10-2004-x64

10

Resubmissions

12/03/2025, 21:58

250312-1vyfqat1dx 10

12/03/2025, 21:51

250312-1qnqqawkv6 10

12/03/2025, 21:45

250312-1mkjwstzcv 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Report.ps1

  • Size

    458KB

  • Sample

    250312-1vyfqat1dx

  • MD5

    20d2c488f9ce3e337faf20ea1a9abe47

  • SHA1

    ea844520e903e1f7d8f234a057cd3cc778380ae9

  • SHA256

    6e7ff182d4509ea804b6ed739ffa2191af2891af164ede9a90e79aea8fee4d1f

  • SHA512

    6581df037579fd6684ee4a44d2e631a4aa9c524b47c47fe2afb9434c487824146fb000d9c7a7b63df6c534b00f4a979f24be88019b3ed12d9bf3ce81508b243c

  • SSDEEP

    768:llcMsNARzF0NToMotYJKN2C0FIMG9Kl/2:6/2

Score
10/10
asyncratdefaultdiscoveryexecutionrat

Malware Config

Extracted

Family

asyncrat

Version

A 14

Botnet

Default

C2

nams.ddnsfree.com:409

aliomar.ooguy.com:409
Mutex

MaterxMutex_Egypt409

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Report.ps1

    • Size

      458KB

    • MD5

      20d2c488f9ce3e337faf20ea1a9abe47

    • SHA1

      ea844520e903e1f7d8f234a057cd3cc778380ae9

    • SHA256

      6e7ff182d4509ea804b6ed739ffa2191af2891af164ede9a90e79aea8fee4d1f

    • SHA512

      6581df037579fd6684ee4a44d2e631a4aa9c524b47c47fe2afb9434c487824146fb000d9c7a7b63df6c534b00f4a979f24be88019b3ed12d9bf3ce81508b243c

    • SSDEEP

      768:llcMsNARzF0NToMotYJKN2C0FIMG9Kl/2:6/2

    Score
    10/10
    asyncratdefaultdiscoveryexecutionrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks